Jump to content
Sign in to follow this  
tatane

Interact with controls in Windows logon screen

Recommended Posts

tatane
Posted (edited)

Hi,

I would like to send some text to win logon screen username/password fields. I administrate a lot of computers and I would like to automate the logon by inserting login and password from a server app.  A client app is running as service on the client computers. I can "Send()" text in those 2 fields with paexec (opensource psexec) but I can't determine precisly in what field i'm writing. I tried severals ControlSend() options and all of them write in the field containing the active cursor.

Is there a way to get some informations about this session 0 input controls ?

Is there a solution to send text to those controls without third party program (with my client app running as system) ?

Thanks.

Edited by tatane

Share this post


Link to post
Share on other sites
jdelaney
Posted (edited)

You can get controls of apps running in session 0, just make sure not to expect a window state of active.  So things like Send won't work.  Also make sure your script is running in session 0...you won't be able to reach session 0 apps from a user session.

 

If your company allows it, I'd do this...and have auto log-off turned off

https://support.microsoft.com/en-us/help/324737/how-to-turn-on-automatic-logon-in-windows

It's ok for vms, where you need to authenticate into the application to access the vms anyways.

Edited by jdelaney

IEbyXPATH-Grab IE DOM objects by XPATH IEscriptRecord-Makings of an IE script recorder ExcelFromXML-Create Excel docs without excel installed GetAllWindowControls-Output all control data on a given window.

Share this post


Link to post
Share on other sites
tatane

Thanks for your answer jdelaney. Unfortunately I don't want to use Autologon with registry. I just want to avoid writing my username/password 20 times to 20 computers in a classroom each time I need to connect to my domain.

Finally I found what I was looking for. I use paexec to launch Autoit Windows Info on the logon screen (screenshot).

And this piece of code to send the username and password :

$hdle1 = ControlGetHandle("Ouverture de session Windows", "", "[CLASS:Edit; INSTANCE:1]")
$hdle2 = ControlGetHandle("Ouverture de session Windows", "", "[CLASS:Edit; INSTANCE:2]")

ToolTip("$hdle1="&$hdle1 & "   $hdle2="& $hdle2) ; debug

ControlSetText("Ouverture de session Windows", "", $hdle1, "username")
ControlSetText("Ouverture de session Windows", "", $hdle2, "password")

The ControlSend function is not reliable at all. Sometimes it works sometimes it doesn't.

 

The last thing I would like to do is doing this without the help of Paexec.exe. So implementing it in Autoit in my client App running as system on the client computer. Unfortunately my knowlegde in C++ is too low for translating from the Paexec open source code session 0 interactive part to Autoit.

LogonScreenInfo.png

  • Like 1

Share this post


Link to post
Share on other sites
tatane
Posted (edited)

I found what I was looking for : http://reboot.pro/files/file/255-runatwinlogon/

So now my client running as service can fill up the 2 Edit controls with username and password.

 

The problem is the "->" button. If I use Send("{ENTER}")  sometimes it works sometimes it doesn't.

This button is not a control button (I can't find it with Autoit windows spy or equivalent). I don't want to rely on mouse click with some x,y positions.

Is there a way to simulate a click on this button ? Or maybe use the API function that is triggered when we manually click this button ?

Thanks.

 

EDIT : I found this doc : https://docs.microsoft.com/fr-fr/windows/desktop/api/credentialprovider/nn-credentialprovider-iconnectablecredentialprovidercredential

Edited by tatane

Share this post


Link to post
Share on other sites
JLogan3o13

@tatane you seem to have missed this in the forum rules:

Quote

1. Do not ask for help with AutoIt scripts, post links to, or start discussion topics on the following subjects:

  • Malware of any form - trojan, virus, keylogger, spam tool, "joke/spoof" script, etc.
  • Bypassing of security measures - log-in and security dialogs, CAPTCHAs, anti-bot agents, software activation, etc.

Finding a way past the security measures on the Windows logon screen is not something we are prepared to support around here.

I would suggest others reading this thread re-familiarize themselves with the rules before helping next time.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×